Automatic WordPress Update Via SSH Authentication

Advertisement

Here is How To Configure WordPress Automatic WordPress Update Via SSH Authentication For a Very Secured WordPress Setup on Multiple Nodes. Normally, if we do not CHMOD WordPress Directories and Files to writable, the WordPress installation asks for FTP username and password; which again we can bypass by adding one line in wp-config.php file. However, it is possible to setup more secure method of authentication, that is adding one SSH user and adding few lines in wp-config.php file. This guide on automatic WordPress update via SSH authentication is exactly for this setup.

Automatic WordPress Update Via SSH Authentication : Preparation

We need to have SSH2 extension installed for PHP. That depends on the Server OS, Version and Webserver. In general, for deb Linux we need to check by running :

Vim

1

php--ri ssh2

This should give this output :

Vim

1

2

3

4

5

6

ssh2

SSH2 support=>enabled

extension version=>0.12

libssh2 version=>1.4.3

banner=>SSH-2.0-libssh2_1.4.3

Else you need to check the documents to properly install it. Another way to check is to create a test.php file with the following content in FTP root :

Vim

1

2

3

4

5

6

7

8

<?php

if(function_exists('ssh2_connect'))

{

echo"true";

}

?>

If you point to the PHP file from browser, you’ll see true as output for the right setup. Who are the owners of the WordPress files, that is important. Because, root‘s ~/.ssh location and other user’s ~/.ssh will be different.

Vim

1

2

cd~/.ssh

catauthorized_keys

For OpenStack, you will have a Nova generated key. You can run ssh-keygen command and enter any custom nameto avoid the file names to be id_rsa.pub and id_rsa. Set a passphrase to add additional security. If ownership of the files is not correct, you’ll need to chmod these files :

We can further restrict by editing / adding the subnet like from="10.0.0.1" before ssh-rsa in this file :

Vim

1

/home/wordpress-user/.ssh/authorized_keys

FTP host will be edited rightly like shown above. In this case, you can restrict the access of the other nodes to wp-config.php file. Unless there are many nodes, this much security is usually not required.